From 072a98ca9aea8bfea7edc65f0a4a230974362b96 Mon Sep 17 00:00:00 2001 From: Sierraffinity Date: Sat, 25 Apr 2020 18:25:55 -0700 Subject: [PATCH] Document undefined sprite template behavior --- gflib/sprite.c | 2 ++ gflib/sprite.h | 4 ++++ src/mevent2.c | 4 ++++ 3 files changed, 10 insertions(+) diff --git a/gflib/sprite.c b/gflib/sprite.c index 2e96acf2c..c7e3d09a3 100644 --- a/gflib/sprite.c +++ b/gflib/sprite.c @@ -878,12 +878,14 @@ void ResetAllSprites(void) ResetSprite(&gSprites[i]); } +// UB: template pointer may point to freed temporary storage void FreeSpriteTiles(struct Sprite *sprite) { if (sprite->template->tileTag != 0xFFFF) FreeSpriteTilesByTag(sprite->template->tileTag); } +// UB: template pointer may point to freed temporary storage void FreeSpritePalette(struct Sprite *sprite) { FreeSpritePaletteByTag(sprite->template->paletteTag); diff --git a/gflib/sprite.h b/gflib/sprite.h index 9753837fd..c9ba9585d 100644 --- a/gflib/sprite.h +++ b/gflib/sprite.h @@ -182,6 +182,10 @@ struct SpriteTemplate SpriteCallback callback; }; +// UB: template pointer is often used to point to temporary storage, +// then later dereferenced after being freed. Usually this won't +// be visible in-game, but this is (part of) what causes the item +// icon palette to flicker when changing items in the bag. struct Sprite { /*0x00*/ struct OamData oam; diff --git a/src/mevent2.c b/src/mevent2.c index 0bbaf6db8..2991ac27c 100755 --- a/src/mevent2.c +++ b/src/mevent2.c @@ -484,9 +484,13 @@ static void sub_801B7D8(u32 command) } if (dest == NULL) + { AGB_ASSERT(0); + } else if (++(*dest) > 999) + { *dest = 999; + } } }